
Couple script fixes and new scripts on Fuzzing and XmlDecoder

1 parent 662d6b4 commit 32faafad7e67ca2a41ef3395a2002ac78ec31ba8 @DinisCruz DinisCruz committed Aug 15, 2013
Showing with 788 additions and 5,152 deletions.
  1. +115 −0 3rdParty/MarkdownDeep/API_MarkdownDeep.cs
  2. +35 −0 3rdParty/MarkdownDeep/MarkdownDeep_Installer.cs
  3. +38 −0 3rdParty/MarkdownDeep/PoC - MarkdownDeep Transformations.h2
  4. +36 −34 3rdParty/MarkdownSharp/API_MarkdownSharp.cs
  5. +7 −4 3rdParty/MarkdownSharp/PoC - MarkdownSharp Transformations.h2
  6. +5 −10 3rdParty/MarkdownSharp/PoC - Raw MarkdownSharp Transformations.h2
  7. +2 −2 3rdParty/Snoop/Process Injection Tests/Injected_Dll.cs
  8. +31 −0 3rdParty/_Installers/Peach_Installer.cs
  9. +4 −3 APIs/IKVM/API_IKVMC.cs
  10. +1 −1 APIs/IKVM/API_IKVMC_CallMapping.cs
  11. +27 −31 APIs/IKVM/Util - Java Methods CallTo and IsCalledBy Mappings.h2
  12. +9 −4 APIs/Windows/AForge/Util - Movie Creator (Simple).h2
  13. +0 −46 Languages/DotNet/Ast_Scanner/Ast_Engine/Ast_Engine_Cache.cs
  14. +0 −55 Languages/DotNet/Ast_Scanner/Ast_Engine/Ast_Engine_ExtensionMethods.cs
  15. +0 −216 Languages/DotNet/Ast_Scanner/Ast_Engine/MethodMappings_Engine.cs
  16. +0 −729 Languages/DotNet/Ast_Scanner/Ast_Engine/MethodMappings_ExtensionMethods.cs
  17. +0 −31 Languages/DotNet/Ast_Scanner/Ast_Engine/O2CodeStreamTaintRules_ExtensionMethods.cs
  18. +0 −1,049 Languages/DotNet/Ast_Scanner/Ast_Engine/O2CodeStream_ExtensionMethods.cs
  19. +0 −1,320 Languages/DotNet/Ast_Scanner/Ast_Engine/O2MappedAstData_ExtensionMethods.cs
  20. +0 −674 Languages/DotNet/Ast_Scanner/Ast_Engine/O2MethodStream_ExtensionMethods.cs
  21. +0 −422 Languages/DotNet/Ast_Scanner/Ast_Engine/Saved_MethodStream.cs
  22. +0 −453 Languages/DotNet/Ast_Scanner/Ast_Engine/SharpDevelop_O2MappedAstData_ExtensionMethods.cs
  23. +0 −38 Languages/DotNet/Ast_Scanner/Ast_Engine/TextEditor_O2CodeStream_ExtensionMethods.cs
  24. +4 −0 Languages/DotNet/Ast_Scanner/O2_DotNet_Ast_Engine.cs
  25. +2 −3 Languages/DotNet/Ast_Scanner/Util - MethodStreams Creator.h2
  26. +4 −5 Languages/DotNet/Util - ViewState_Decoder_ASP.NET 3.0.h2
  27. +14 −17 Utils/O2/Uitl - Stop all (but current) O2_XRules_Database processes.h2
  28. +4 −4 _Custom_O2s/DotNet Static Analysis (Custom O2).h2
  29. +1 −1 _Custom_O2s/v4.1/Main O2 Gui.h2
  30. +10 −0 _Sample_Vulns/Fuzzing/PoC - Fuzzing Images - Gif.h2
  31. +8 −0 _Sample_Vulns/Fuzzing/PoC - Fuzzing Images - Ico.h2
  32. +8 −0 _Sample_Vulns/Fuzzing/PoC - Fuzzing Images - Png.h2
  33. +27 −0 _Sample_Vulns/Fuzzing/PoC - Fuzzing Images.h2
  34. +51 −0 _Sample_Vulns/Fuzzing/PoC - Generating Fuzzed Images.h2
  35. +39 −0 _Sample_Vulns/XmlSerialization/XmlDecode/PoC - XmlEncode object (using IKVM).h2
  36. +98 −0 _Sample_Vulns/XmlSerialization/XmlDecode/Util - XmlDecode in memory using IKVM.h2
  37. +84 −0 _Sample_Vulns/XmlSerialization/XmlDecode/Util - XmlDecode in memory using Jni4Net.h2
  38. +4 −0 _Sample_Vulns/XmlSerialization/XmlDecode/exploits/Simple string.xml
  39. +11 −0 _Sample_Vulns/XmlSerialization/XmlDecode/exploits/Start calc.xml
  40. +4 −0 _Sample_Vulns/XmlSerialization/XmlDecode/exploits/XXE - get local file.xml
  41. +35 −0 _Sample_Vulns/_Payloads/PoC - Consume Simple MD5 Rainbow Table.h2
  42. +70 −0 _Sample_Vulns/_Payloads/PoC - Generate Small MD5 Rainbow Table.h2
@@ -0,0 +1,115 @@
+// This file is part of the OWASP O2 Platform (http://www.owasp.org/index.php/OWASP_O2_Platform) and is released under the Apache 2.0 License (http://www.apache.org/licenses/LICENSE-2.0)
+using System;
+using System.Windows.Forms;
+using System.Collections.Generic;
+using FluentSharp.CoreLib;
+using FluentSharp.CoreLib.API;
+using FluentSharp.WinForms;
+using MarkdownDeep;
+//O2Ref:markdownDeep/bin/markdownDeep.dll
+
+//Installer:MarkdownDeep_Installer.cs!markdownDeep/bin/markdownDeep.dll
+
+namespace FluentSharp.For_MarkdownDeep
+{
+ public class API_MarkdownSharp
+ {
+ public List<Action> AfterTransform { get; set; }
+ public string Text { get; set; }
+ public string LastText_Transformed { get; set; }
+ public WebBrowser Browser { get; set; }
+ public TextBox TextArea { get; set; }
+ public Markdown Markdown { get; set; }
+
+ public API_MarkdownSharp() : this("")
+ {
+
+ }
+
+ public API_MarkdownSharp(string text)
+ {
+ AfterTransform = new List<Action>();
+ Text = text;
+ Markdown = new Markdown()
+ {
+ SafeMode = true
+ };
+ }
+ }
+
+
+
+ public static class API_MarkdownSharp_ExtensionMethods
+ {
+ public static API_MarkdownSharp transform(this API_MarkdownSharp markdownApi, string text)
+ {
+ markdownApi.Text = text;
+ return markdownApi.transform();
+ }
+ public static API_MarkdownSharp transform(this API_MarkdownSharp markdownApi)
+ {
+ markdownApi.LastText_Transformed = markdownApi.Markdown.Transform(markdownApi.Text);
+ markdownApi.AfterTransform.invoke();
+ return markdownApi;
+ }
+ public static API_MarkdownSharp showIn_Browser(this API_MarkdownSharp markdownApi)
+ {
+ if (markdownApi.Browser.isNull())
+ markdownApi.Browser ="Markdown Transformation".popupWindow().add_WebBrowser();
+ //var browser = open.webBrowser();
+ O2Thread.mtaThread(()=>markdownApi.Browser.html(markdownApi.LastText_Transformed));
+ return markdownApi;
+ }
+
+ public static API_MarkdownSharp showIn_TextArea(this API_MarkdownSharp markdownApi)
+ {
+ if (markdownApi.TextArea.isNull())
+ markdownApi.TextArea ="Markdown Transformation".popupWindow().add_TextArea();
+ //var browser = open.webBrowser();
+ markdownApi.TextArea.set_Text(markdownApi.LastText_Transformed);
+ return markdownApi;
+ }
+
+ public static API_MarkdownSharp syncWith_Browser(this API_MarkdownSharp markdownApi, WebBrowser browser)
+ {
+ markdownApi.Browser = browser;
+ markdownApi.AfterTransform.add(()=>markdownApi.showIn_Browser());
+ return markdownApi;
+ }
+
+ public static API_MarkdownSharp syncWith_TextArea(this API_MarkdownSharp markdownApi, TextBox textBox)
+ {
+ markdownApi.TextArea = textBox;
+ markdownApi.AfterTransform.add(()=>markdownApi.showIn_TextArea());
+ return markdownApi;
+ }
+
+ public static string text(this API_MarkdownSharp markdownApi)
+ {
+ return markdownApi.Text;
+ }
+ public static API_MarkdownSharp text(this API_MarkdownSharp markdownApi , string value)
+ {
+ markdownApi.Text = value;
+ return markdownApi;
+ }
+
+ /*public static string html(this API_MarkdownSharp markdownApi)
+ {
+ return markdownApi.transform().LastText_Transformed;
+ }*/
+
+
+ }
+ public static class API_MarkdownSharp_ExtensionMethods_String
+ {
+ /*public static string markdown_Transform(this string stringToTransform)
+ {
+ return new Markdown().Transform(stringToTransform);
+ }*/
+
+
+
+ }
+}
+
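Review bot: `SafeMode = true` in the constructor is the only thing filtering the HTML that `showIn_Browser` later hands to the embedded `WebBrowser`, and nothing in the file says so. `Markdown` has a public setter, so a caller can swap in an instance without it; I would add a comment above the initializer, `// SafeMode must stay on: LastText_Transformed is rendered in a WebBrowser control`, and consider making the setter private. Separately, the class is still called `API_MarkdownSharp` although it lives in `FluentSharp.For_MarkdownDeep` and wraps MarkdownDeep, which will be ambiguous for any script that imports both namespaces.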
@@ -0,0 +1,35 @@
+using System;
+using System.Diagnostics;
+using FluentSharp.CoreLib;
+
+//O2File:Tool_API.cs
+
+namespace O2.XRules.Database.APIs
+{
+ public class MarkdownDeep_Installer_Test
+ {
+ public void test()
+ {
+ new MarkdownDeep_Installer().start();
+ }
+ }
+ public class MarkdownDeep_Installer : Tool_API
+ {
+
+ public MarkdownDeep_Installer()
+ {
+ config("MarkdownDeep",
+ "http://www.toptensoftware.com/downloads/MarkdownDeep.zip".uri(),
+ "bin/MarkdownDeep.dll");
+ installFromZip_Web();
+ }
+
+
+ public Process start()
+ {
+ if (this.isInstalled())
+ return this.Install_Dir.startProcess();
+ return null;
+ }
+ }
+}
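Review bot: The installer fetches `MarkdownDeep.zip` over plain `http://` and the constructor goes straight to `installFromZip_Web()`, so the `bin/MarkdownDeep.dll` that scripts later load via `//O2Ref` is whatever the network path delivered. Nothing visible here checks a digest or signature of the archive; whether `Tool_API` does so is not shown in this hunk. I would move the URL to `https://` if the host serves it and compare the download against a pinned SHA-256 before unpacking. It is also worth a comment that constructing `MarkdownDeep_Installer` performs the download, since `new MarkdownDeep_Installer()` does not read like a network call.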
@@ -0,0 +1,38 @@
+O2ConfigSettings.O2Version = "MarkdownTest";
+//var topPanel = panel.add_Panel(true);
+var topPanel = "PoC - MarkdownSharp Transformations".popupWindow(1200,600)
+ .insert_LogViewer();
+"tempdir: {0}".info(PublicDI.config.O2TempDir);
+
+var textArea_Source = topPanel.add_TextArea();
+var textArea_Transformed = textArea_Source.insert_Right()
+ .add_TextArea();
+var browser = textArea_Transformed.insert_Above()
+ .add_WebBrowser();
+
+var markdown = new API_MarkdownSharp();
+markdown.syncWith_Browser(browser)
+ .syncWith_TextArea(textArea_Transformed);
+
+textArea_Source.onTextChange((text)=>markdown.transform(text))
+ .set_Text("#Hello World".line().add(
+ "* an item"));
+
+//textArea_Source.insert_Below().add_Script_Me(markdown,"markdownApi")
+// .code_Append("//using FluentSharp.For_MarkdownDeep")
+// .code_Append("//O2Ref:MarkdownDeep.dll")
+textArea_Source.insert_Below().add_PropertyGrid().show(markdown.Markdown);
+
+topPanel.insert_Above_ToolStrip()
+ .add_Button("REPL markdown object", "text_x_script".formImage(),
+ ()=> markdown.script_Me("markdownApi")
+ .code_Append("//using FluentSharp.For_MarkdownDeep")
+ .code_Append("//O2Ref:MarkdownDeep.dll"));
+
+
+return markdown;
+
+
+//O2File:API_MarkdownDeep.cs
+//using FluentSharp.For_MarkdownDeep
+//O2Ref:MarkdownDeep.dll
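Review bot: `O2ConfigSettings.O2Version = "MarkdownTest";` on the first line looks like a leftover test setting: it assigns what appears to be a process-wide static from inside a PoC script, and the `tempdir` log line a few lines later suggests it was there to check the effect on the temp directory. The MarkdownSharp PoC hunk further down un-comments the same line. If it is intentional, a comment such as `// isolate this PoC's temp/config under "MarkdownTest"` would say why; otherwise I would leave it commented out. The window title also still reads `"PoC - MarkdownSharp Transformations"` in this MarkdownDeep script.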
@@ -9,7 +9,7 @@
//O2Ref:MarkdownSharp.dll
-namespace O2.XRules.Database.APIs
+namespace FluentSharp.For_Markdown
{
public class API_MarkdownSharp
{
@@ -18,6 +18,7 @@ public class API_MarkdownSharp
public string LastText_Transformed { get; set; }
public WebBrowser Browser { get; set; }
public TextBox TextArea { get; set; }
+ public Markdown Markdown { get; set; }
public API_MarkdownSharp() : this("")
{
@@ -27,70 +28,71 @@ public API_MarkdownSharp() : this("")
public API_MarkdownSharp(string text)
{
AfterTransform = new List<Action>();
- Text = text;
+ Text = text;
+ Markdown = new Markdown();
}
}
public static class API_MarkdownSharp_ExtensionMethods
{
- public static API_MarkdownSharp transform(this API_MarkdownSharp markdown, string text)
+ public static API_MarkdownSharp transform(this API_MarkdownSharp markdownApi, string text)
{
- markdown.Text = text;
- return markdown.transform();
+ markdownApi.Text = text;
+ return markdownApi.transform();
}
- public static API_MarkdownSharp transform(this API_MarkdownSharp markdown)
+ public static API_MarkdownSharp transform(this API_MarkdownSharp markdownApi)
{
- markdown.LastText_Transformed = markdown.Text.markdown_Transform();
- markdown.AfterTransform.invoke();
- return markdown;
+ markdownApi.LastText_Transformed = markdownApi.Markdown.Transform(markdownApi.Text);
+ markdownApi.AfterTransform.invoke();
+ return markdownApi;
}
- public static API_MarkdownSharp showIn_Browser(this API_MarkdownSharp markdown)
+ public static API_MarkdownSharp showIn_Browser(this API_MarkdownSharp markdownApi)
{
- if (markdown.Browser.isNull())
- markdown.Browser ="Markdown Transformation".popupWindow().add_WebBrowser();
+ if (markdownApi.Browser.isNull())
+ markdownApi.Browser ="Markdown Transformation".popupWindow().add_WebBrowser();
//var browser = open.webBrowser();
- O2Thread.mtaThread(()=>markdown.Browser.html(markdown.LastText_Transformed));
- return markdown;
+ O2Thread.mtaThread(()=>markdownApi.Browser.html(markdownApi.LastText_Transformed));
+ return markdownApi;
}
- public static API_MarkdownSharp showIn_TextArea(this API_MarkdownSharp markdown)
+ public static API_MarkdownSharp showIn_TextArea(this API_MarkdownSharp markdownApi)
{
- if (markdown.TextArea.isNull())
- markdown.TextArea ="Markdown Transformation".popupWindow().add_TextArea();
+ if (markdownApi.TextArea.isNull())
+ markdownApi.TextArea ="Markdown Transformation".popupWindow().add_TextArea();
//var browser = open.webBrowser();
- markdown.TextArea.set_Text(markdown.LastText_Transformed);
- return markdown;
+ markdownApi.TextArea.set_Text(markdownApi.LastText_Transformed);
+ return markdownApi;
}
- public static API_MarkdownSharp syncWith_Browser(this API_MarkdownSharp markdown, WebBrowser browser)
+ public static API_MarkdownSharp syncWith_Browser(this API_MarkdownSharp markdownApi, WebBrowser browser)
{
- markdown.Browser = browser;
- markdown.AfterTransform.add(()=>markdown.showIn_Browser());
- return markdown;
+ markdownApi.Browser = browser;
+ markdownApi.AfterTransform.add(()=>markdownApi.showIn_Browser());
+ return markdownApi;
}
- public static API_MarkdownSharp syncWith_TextArea(this API_MarkdownSharp markdown, TextBox textBox)
+ public static API_MarkdownSharp syncWith_TextArea(this API_MarkdownSharp markdownApi, TextBox textBox)
{
- markdown.TextArea = textBox;
- markdown.AfterTransform.add(()=>markdown.showIn_TextArea());
- return markdown;
+ markdownApi.TextArea = textBox;
+ markdownApi.AfterTransform.add(()=>markdownApi.showIn_TextArea());
+ return markdownApi;
}
- public static string text(this API_MarkdownSharp markdown)
+ public static string text(this API_MarkdownSharp markdownApi)
{
- return markdown.Text;
+ return markdownApi.Text;
}
- public static API_MarkdownSharp text(this API_MarkdownSharp markdown , string value)
+ public static API_MarkdownSharp text(this API_MarkdownSharp markdownApi , string value)
{
- markdown.Text = value;
- return markdown;
+ markdownApi.Text = value;
+ return markdownApi;
}
- public static string html(this API_MarkdownSharp markdown)
+ public static string html(this API_MarkdownSharp markdownApi)
{
- return markdown.transform().LastText_Transformed;
+ return markdownApi.transform().LastText_Transformed;
}
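Review bot: `transform()` now stores `markdownApi.Markdown.Transform(markdownApi.Text)` and `showIn_Browser` passes that string to `Browser.html(...)` with no filtering in between. As far as I know MarkdownSharp passes inline HTML through unchanged and has no safe-mode switch, so any markup in `Text` is rendered by the embedded WebBrowser as-is; the MarkdownDeep wrapper added in this commit sets `SafeMode = true`, and this one has no counterpart. A comment on `showIn_Browser` such as `// output is not sanitized: only feed trusted markdown, or filter LastText_Transformed first` would make that explicit. The raw MarkdownSharp PoC hunk that calls `browser.set_Html(transformed)` has the same property.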
@@ -1,4 +1,4 @@
-//O2ConfigSettings.O2Version = "MarkdownTest";
+O2ConfigSettings.O2Version = "MarkdownTest";
//var topPanel = panel.add_Panel(true);
var topPanel = "PoC - MarkdownSharp Transformations".popupWindow()
.insert_LogViewer();
@@ -18,11 +18,14 @@ textArea_Source.onTextChange((text)=>markdown.transform(text))
.set_Text("#Hello World".line().add(
"* an item"));
+topPanel.insert_Above_ToolStrip()
+ .add_Button("REPL markdown object", "text_x_script".formImage(),
+ ()=> markdown.script_Me("markdownApi")
+ .code_Append("//using FluentSharp.For_Markdown"));
-//browser.script_Me();
return markdown;
-//using O2.XRules.Database.APIs
-//O2File:API_MarkdownSharp.cs
+//O2File:API_MarkdownSharp.cs
+//using FluentSharp.For_Markdown
@@ -1,24 +1,19 @@
-<?xml version="1.0"?>
-<H2>
- <SourceCode>//var topPanel = panel.add_Panel(true);
+//var topPanel = panel.add_Panel(true);
var topPanel = "PoC - MarkdownSharp Transformations".popupWindow();
var textArea_Source = topPanel.add_TextArea();
var textArea_Transformed = textArea_Source.insert_Right()
.add_TextArea();
var browser = textArea_Transformed.insert_Above()
.add_WebBrowser();
-Action&lt;string&gt; applyTransform =
- (source) =&gt; {
+Action<string> applyTransform =
+ (source) => {
var transformed = new Markdown().Transform(source);
- textArea_Transformed.set_Text(transformed);
- browser.set_Html(transformed);
+ textArea_Transformed.set_Text(transformed);
+ O2Thread.mtaThread(()=>browser.set_Html(transformed));
};
textArea_Source.onTextChange(applyTransform)
.set_Text("#Hello World");
//using MarkdownSharp
//O2Ref:MarkdownSharp.dll
-</SourceCode>
- <ReferencedAssemblies />
-</H2>
@@ -32,7 +32,7 @@ public static void info(string message)
//Debug.Write("[Info] " + message);
try
{
- var type = assembly.GetType("O2.Kernel.PublicDI");
+ var type = assembly.GetType("FluentSharp.CoreLib.API.PublicDI");
var method = type.GetMethod("get_log");
var kConfig = method.Invoke(null, new object[] { });
var info = kConfig.GetType().GetMethod("info");
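Review bot: `assembly.GetType("FluentSharp.CoreLib.API.PublicDI")` returns null when the name does not resolve, and the next line dereferences it; the rename in this commit suggests the previous hard-coded name had stopped resolving in exactly that way. In `info` the call sits inside a `try` whose handler is outside the hunk, so the failure is probably swallowed, but the `compileFile` hunk below feeds the result of `assembly.GetType("FluentSharp.CoreLib.API.CompileEngine")` straight into `Activator.CreateInstance` with no guard visible. I would add `if (compileEngineType == null) throw new InvalidOperationException("CompileEngine type not found in loaded assembly");` there and the equivalent check in `info`. Both method bodies continue outside their hunks.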
@@ -88,7 +88,7 @@ public static Assembly loadAssembly(string path, bool fromGac)
public static Assembly compileFile(string file)
{
- var compileEngineType = assembly.GetType("O2.DotNetWrappers.DotNet.CompileEngine");
+ var compileEngineType = assembly.GetType("FluentSharp.CoreLib.API.CompileEngine");
//info("compileEngineType: " + compileEngineType);
var compileEngine = Activator.CreateInstance(compileEngineType);
//info("compileEngine: " + compileEngine);